PHP 5.2.2

PHP started as a quick Perl hack written by Rasmus Lerdorf in late 1994. Over the next two to three years, it evolved into what we today know as PHP/FI 2.0. PHP for Windows is a quick Perl hack tool.

PHP/FI started to get a lot of users, but things didn`t start flying until Zeev Suraski and Andi Gutmans suddenly came along with a new parser in the summer of 1997, leading to PHP 3.0. PHP 3.0 defined the syntax and semantics used in both versions 3 and 4.

What’s New in This Release:

· Fixed possible safe_mode & open_basedir bypasses inside the session extension.
· Fixed unserialize() abuse on 64 bit systems with certain input strings.
· Fixed possible overflows and stack corruptions in the session extension.
· Fixed an underflow inside the internal sapi_header_op() function.
· Prevent search engines from indexing the phpinfo() page.
· Fixed a number of input processing bugs inside the filter extension.
· Fixed allocation bugs caused by attempts to allocate negative values in some code paths.
· Fixed possible stack/buffer overflows inside zip, imap & sqlite extensions.
· Fixed several possible buffer overflows inside the stream filters.
· Memory limit is now enabled by default.
· Added internal heap protection.
· Extended filter extension support for $_SERVER in CGI and apache2 SAPIs.
· Fixed non-validated resource destruction inside the shmop extension.
· Fixed a possible overflow in the str_replace() function.
· Fixed possible clobbering of super-globals in several code paths.
· Fixed a possible information disclosure inside the wddx extension.
· Fixed a possible string format vulnerability in *print() functions on 64 bit systems.
· Fixed a possible buffer overflow inside ibase_{delete,add,modify}_user() functions.
· Fixed a string format vulnerability inside the odbc_result_all() function…. [ read full changelog ]